I just found a simple way to reproduce this. First, build d8 with the following args.gn:
is_debug = true
symbol_level=2
target_cpu = "x64"
v8_target_cpu = "x64"

Then create a file named inspector-demo.js:

// inspector-demo.js
// Receiver function called by d8.
function receive(message) {
  print(message)
}

const msg = JSON.stringify({
  id: 0,
  method: 'HeapProfiler.takeHeapSnapshot',
  params: { reportProgress: true, captureNumericValue: false, exposeInternals: false}
});

// Call the function provided by d8.
send(msg);

Finally, run this file by executing 'd8 --enable-inspector inspector-demo.js'.

在2023年12月1日星期五 UTC+8 16:46:30<dinf...@chromium.org> 写道: > Hi! > > Please file a bug for this with information on how to reproduce this on > tip-of-tree. Thanks! > > On Wednesday, November 29, 2023 at 9:25:36 AM UTC+1 shir...@gmail.com > wrote: > >> Hi all, >> I have compiled a debug version of the V8 dynamic library for an Android >> project. However, a crash has occurred while performing a Heap Snapshot. >> The details of the issue, including the crash stack, are as follows: >> >> >> # Fatal error in ../src/heap/heap-inl.h, line 251 >> >> >> # Debug check failed: >> AllowHeapAllocation::IsAllowed(). >> >> >> #FailureMessage Object: 0x6fd5268d80 >> >> V8_Fatal(char const*, int, char const*, ...)
logging.cc:203 >> v8::base::(anonymous namespace)::DefaultDcheckHandler(char const*, int, >> char const*) logging.cc:64 >> v8::internal::AllocationResult >> v8::internal::HeapAllocator::AllocateRaw<(v8::internal::AllocationType)0>(int, >> >> v8::internal::AllocationOrigin, v8::internal::AllocationAlignment) >> heap-allocator-inl.h:66 >> v8::internal::HeapObject >> v8::internal::HeapAllocator::AllocateRawWith<(v8::internal::HeapAllocator::AllocationRetryMode)1>(int, >> >> v8::internal::AllocationType, v8::internal::AllocationOrigin, >> v8::internal::AllocationAlignment) heap-allocator-inl.h:221 >> v8::internal::Factory::AllocateRaw(int, v8::internal::AllocationType, >> v8::internal::AllocationAlignment) factory.cc:344 >> v8::internal::FactoryBase<v8::internal::Factory>::AllocateRaw(int, >> v8::internal::AllocationType, v8::internal::AllocationAlignment) >> factory-base.cc:1140 >> v8::internal::FactoryBase<v8::internal::Factory>::AllocateRawWithImmortalMap(int, >> >> v8::internal::AllocationType, v8::internal::Map, >> v8::internal::AllocationAlignment) factory-base.cc:1131 >> v8::internal::MaybeHandle<v8::internal::SeqOneByteString> >> v8::internal::FactoryBase<v8::internal::Factory>::NewRawStringWithMap<v8::internal::SeqOneByteString>(int, >> >> v8::internal::Map, v8::internal::AllocationType) factory-base.cc:675 >> v8::internal::FactoryBase<v8::internal::Factory>::NewRawOneByteString(int, >> v8::internal::AllocationType) factory-base.cc:687 >> v8::internal::Factory::NewStringFromTwoByte(unsigned short const*, int, >> v8::internal::AllocationType) factory.cc:931 >> v8::(anonymous namespace)::NewString(v8::internal::Factory*, >> v8::NewStringType, v8::base::Vector<unsigned short const>) api.cc:7147 >> v8::String::NewFromTwoByte(v8::Isolate*, unsigned short const*, >> v8::NewStringType, int) api.cc:7204 >> convertToString(v8::Global<v8::Context> const&, v8::Isolate*, >> v8_inspector::StringView) v8inspector_channel.cpp:32 >> 
V8InspectorChannelImpl::sendNotification(std::__ndk1::unique_ptr<v8_inspector::StringBuffer, >> >> std::__ndk1::default_delete<v8_inspector::StringBuffer>>) >> v8inspector_channel.cpp:54 >> v8_inspector::V8InspectorSessionImpl::SendProtocolNotification(std::__ndk1::unique_ptr<v8_crdtp::Serializable, >> >> std::__ndk1::default_delete<v8_crdtp::Serializable>>) >> v8-inspector-session-impl.cc:221 >> non-virtual thunk to >> v8_inspector::V8InspectorSessionImpl::SendProtocolNotification(std::__ndk1::unique_ptr<v8_crdtp::Serializable, >> >> std::__ndk1::default_delete<v8_crdtp::Serializable>>) 0x0000005593df4290 >> v8_inspector::protocol::HeapProfiler::Frontend::reportHeapSnapshotProgress(int, >> >> int, v8_crdtp::detail::ValueMaybe<bool>) 0x0000005593d987f4 >> >> v8_inspector::(anonymous >> namespace)::HeapSnapshotProgress::ReportProgressValue(unsigned int, >> unsigned int) v8-heap-profiler-agent-impl.cc:40 >> v8::internal::HeapSnapshotGenerator::ProgressReport(bool) >> heap-snapshot-generator.cc:2765 >> >> v8::internal::V8HeapExplorer::IterateAndExtractReferences(v8::internal::HeapSnapshotGenerator*) >> >> heap-snapshot-generator.cc:2115 >> >> v8::internal::HeapSnapshotGenerator::FillReferences() >> heap-snapshot-generator.cc:2778 >> v8::internal::HeapSnapshotGenerator::GenerateSnapshot() >> heap-snapshot-generator.cc:2737 >> v8::internal::HeapProfiler::TakeSnapshot(v8::HeapProfiler::HeapSnapshotOptions) >> >> heap-profiler.cc:96 >> v8::HeapProfiler::TakeHeapSnapshot(v8::HeapProfiler::HeapSnapshotOptions >> const&) api.cc:10670 >> v8_inspector::V8HeapProfilerAgentImpl::takeHeapSnapshot(v8_crdtp::detail::ValueMaybe<bool>, >> >> v8_crdtp::detail::ValueMaybe<bool>, v8_crdtp::detail::ValueMaybe<bool>, >> v8_crdtp::detail::ValueMaybe<bool>) v8-heap-profiler-agent-impl.cc:298 >> v8_inspector::protocol::HeapProfiler::DomainDispatcherImpl::takeHeapSnapshot(v8_crdtp::Dispatchable >> >> const&) 0x0000005593d9a184 >> > -- -- v8-dev mailing list v8-dev@googlegroups.com 